Merge branch 'stable' into beta
Arusekk committed Jun 3, 2020
2 parents 03a315c + 917ffd8 commit 441b085
Showing 9 changed files with 142 additions and 76 deletions.
80 changes: 64 additions & 16 deletions .github/workflows/ci.yml
Expand Up @@ -17,13 +17,6 @@ jobs:
path: ~/.cache/pip
key: ${{ matrix.os }}-cache-pip

- name: Cache for dependencies
uses: actions/cache@v1
id: cache-deps
with:
path: android-?dk
key: ${{ matrix.os }}-cache-deps

- name: Set up Python ${{ matrix.python-version }}
uses: actions/setup-python@v1
with:
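Review bot: removing the `Cache for dependencies` step also removes the `cache-deps` step id, so every consumer of `steps.cache-deps.outputs.cache-hit` elsewhere in this file (the condition on the `Install android avd` step) has to go in the same change; a dangling reference evaluates to an empty string rather than failing, which would silently always run that step. The `path: android-?dk` glob is no longer relied on, so nothing else depends on the cache action's glob support.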
Expand All @@ -35,7 +28,28 @@ jobs:
flake8 . --count --select=E9,F63,F7 --show-source --statistics --exclude=android-?dk # TODO: Add F82
flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics --exclude=pwnlib/constants,android-?dk,.git,__pycache__
- name: Detect whether java is needed
id: java-needed
env:
GITHUB_REF: ${{ github.event.ref }}
GITHUB_COMMIT_RANGE: ${{ github.event.before }}...${{ github.event.after }}
run: |
if echo "$GITHUB_REF" | grep -Eq 'staging|tags'; then
echo "Found release or important branch ($GITHUB_REF), forcing tests."
elif ! git show "$GITHUB_COMMIT_RANGE" >/dev/null; then
echo 'Incorrect commit range, forcing android tests.'
elif git log --stat "$GITHUB_COMMIT_RANGE" | grep -iE 'android|\<adb\>'; then
echo 'Found Android-related commits, forcing tests.'
else
# clear files that cause Android doctests
: > docs/source/adb.rst > docs/source/protocols/adb.rst
exit 0
fi
echo ::set-output name=need::openjdk-8-jre-headless
- name: Install Linux dependencies
env:
ANDROID_JRE: ${{ steps.java-needed.outputs.need }}
run: |
sudo apt-get update
sudo apt-get install -y --no-install-recommends -o Acquire::Retries=3 \
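Review bot: the line `: > docs/source/adb.rst > docs/source/protocols/adb.rst` relies on bash opening both redirect targets for writing so that both files get truncated; that is correct but easy to misread as a typo, so write it as two statements (`: > docs/source/adb.rst` and `: > docs/source/protocols/adb.rst`) or use `truncate -s0`. Passing `github.event.ref` and the commit range through `env:` instead of interpolating `${{ }}` into the `run:` script is the right choice, since it keeps ref names out of the shell parser. Two behavioural caveats worth a comment: `grep -Eq 'staging|tags'` is a substring match on the whole ref, so any branch name containing "staging" or "tags" forces the Android tests, and `git show "$GITHUB_COMMIT_RANGE"` fails for a first push or a force-push whose `before` commit is gone (and for a checkout too shallow to contain it), which the `elif` turns into "forcing android tests", i.e. the detection fails safe towards running more tests.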
Expand All @@ -47,17 +61,16 @@ jobs:
binutils-mips-linux-gnu \
binutils-powerpc-linux-gnu \
gcc-multilib \
openjdk-8-jre-headless
$ANDROID_JRE
sudo apt-get install -y -o Acquire::Retries=3 \
gcc-aarch64-linux-gnu \
gcc-arm-linux-gnueabihf
- name: Install android avd
if: steps.cache-deps.outputs.cache-hit != 'true'
if: steps.java-needed.outputs.need
run: |
USER=travis source travis/install.sh
adb emu kill
set | egrep '^(ANDROID|PATH)' >android-sdk/.android.env
set | egrep '^(ANDROID|PATH)' >.android.env
- name: Set up SSH
run: |
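Review bot: `.android.env` is now written into the checkout root instead of `android-sdk/`, so it should be added to `.gitignore` so that no later step that stages the working tree can pick it up. `$ANDROID_JRE` is deliberately left unquoted so that an empty output from `java-needed` expands to no package at all; add a comment saying so, otherwise the next reader will "fix" the quoting and break the Java-less path. `if: steps.java-needed.outputs.need` works because a non-empty string is truthy in workflow expressions, but `!= ''` would state the intent explicitly.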
Expand Down Expand Up @@ -87,9 +100,7 @@ jobs:

- name: Coverage doctests
run: |
source android-sdk/.android.env
android-sdk/emulator/emulator -avd android-$ANDROID_ABI -no-window -no-boot-anim -read-only -no-audio -no-window -no-snapshot &
adb wait-for-device
source .android.env || :
echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope # required by some gdb doctests
PWNLIB_NOTERM=1 coverage run -m sphinx -b doctest docs/source docs/build/doctest
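Review bot: the emulator launch and `adb wait-for-device` are removed from this step while the `Install android avd` step still ends with `adb emu kill`, so on the path where `java-needed` sets `need`, nothing visible in this file brings a device up before the adb doctests run; either `travis/install.sh` now leaves an emulator running (then the `adb emu kill` line should go) or the adb doctests are expected to be skipped, and the step should say which. `source .android.env || :` correctly tolerates the file being absent when Java was not needed. Writing 0 to `/proc/sys/kernel/yama/ptrace_scope` disables the ptrace restriction for the whole runner; that is acceptable on an ephemeral CI VM but deserves the existing comment to be kept next to it.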
Expand All @@ -108,11 +119,48 @@ jobs:
python setup.py sdist
python setup.py bdist_wheel --universal
- uses: actions/upload-artifact@v2-preview
- uses: actions/upload-artifact@v2
with:
path: dist/*
name: packages
path: dist/

- name: Upload coverage to coveralls.io
run: |
coverage combine
COVERALLS_REPO_TOKEN=PP20MEgztXIQJJTguQwe2jeCh6Bm4lkbv coveralls
staging-merge:
runs-on: ubuntu-latest
if: github.repository_owner == 'Gallopsled' && github.event_name == 'push' && startsWith(github.event.ref, 'refs/heads/') && endsWith(github.event.ref, '-staging')
needs: build
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 20
- name: Push changes to protected branch
env:
GITHUB_REF: ${{ github.event.ref }}
run: |
BRANCH=${GITHUB_REF#refs/heads/}
TARGET=${BRANCH%-staging}
git branch -f "$TARGET"
git push origin "$TARGET"
pypi:
runs-on: ubuntu-latest
if: github.event_name == 'push' && startsWith(github.event.ref, 'refs/tags')
needs: build
steps:
- name: Download artifacts
uses: actions/download-artifact@v2
with:
name: packages

- name: Publish package
uses: pypa/gh-action-pypi-publish@v1.1.0
with:
user: __token__
password: ${{ secrets.pypi_password }}

- if: failure()
run: ls -R
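Review bot: the `Upload coverage to coveralls.io` step embeds the Coveralls repo token as a literal on the `COVERALLS_REPO_TOKEN=... coveralls` line; move it to a repository secret (`env: COVERALLS_REPO_TOKEN: ${{ secrets.COVERALLS_REPO_TOKEN }}`) and rotate the token, because the literal is now part of the repository history and readable by anyone who can read the workflow. Two smaller points: `staging-merge` checks out with `fetch-depth: 20`, so pushing a `-staging` branch that is more than 20 commits ahead of its target can be rejected as a shallow update (use `fetch-depth: 0` or document the limit), and the `if: failure()` step that runs `ls -R` should get a `name:` so that it is identifiable in the job log. The `github.repository_owner == 'Gallopsled'` guard on `staging-merge` is the right way to keep forks from attempting the push.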
93 changes: 54 additions & 39 deletions CHANGELOG.md
Expand Up @@ -10,11 +10,13 @@ The table below shows which release corresponds to each branch, and what date th
| Version | Branch | Release Date |
| ---------------- | -------- | ---------------------- |
| [4.3.0](#430) | `dev` | Jun 30, 2020 (planned)
| [4.2.0](#420) | `beta` | May 30, 2020 (planned)
| [4.1.0](#410) | `stable` | May 8, 2020
| [4.2.0](#420) | `beta` | Jun 5, 2020 (planned)
| [4.1.1](#411) | `stable` | Jun 3, 2020
| [4.1.0](#410) | | May 8, 2020
| [4.0.1](#401) | | Jan 22, 2020
| [4.0.0](#400) | | Jan 09, 2020
| [3.13.0](#3130) | | Nov 5, 2019
| [3.12.2](#3122) | | Jan 8, 2019
| [3.12.1](#3121) | | Sept 17, 2018
| [3.12.0](#3120) | | Feb 22, 2018
| [3.11.0](#3110) | | Jan 3, 2018
Expand Down Expand Up @@ -53,17 +55,27 @@ To be released on Jun 30, 2020.

## 4.2.0 (`beta`)

To be released on May 30, 2020.
To be released on Jun 5, 2020.

- #1436 Add ret2dlresolve automation
- [#1436][1436] Add ret2dlresolve automation
- [fecf9f] tubes.ssh.process() no longer requires python 2 installed on remote (still requires python, though)
- Miscellanous improvements to DynElf and fmtstr leaker (see examples/fmtstr/exploit2.py)
- #1454 Support for windows console colors
- [#1454][1454] Support for windows console colors

[fecf9f]: http://github.com/Gallopsled/pwntols/commit/fecf9f
[1436]: https://github.com/Gallopsled/pwntools/pull/1436
[fecf9f]: http://github.com/Gallopsled/pwntools/commit/fecf9f
[1454]: https://github.com/Gallopsled/pwntools/pull/1454

## 4.1.1 (`stable`)

## 4.1.0 (`stable`)
- Fix PLT resolution by locking unicorn <1.0.2rc4 (#1538)
- Fix wrong ELF/context unpack handling (c4c11a37)
- Fix updating of ELF.functions addresses after changing ELF.address #1512 (#1513)
- Update Corefile warnings and replace asserts with normal checks (#1526)
- several py2-py3 issues (#1451)
- Fix cyclic command

## 4.1.0

- [#1316][1316] Fix connect shellcraft in python 3
- [#1323][1323] Fix issues related with debugging
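Review bot: the new `## 4.1.1 (`stable`)` entries use bare `(#1538)` and `(c4c11a37)` references instead of the `[#NNNN][NNNN]` reference-link style used by every other section, and `- several py2-py3 issues (#1451)` lacks a verb ("Fix several py2-py3 issues"); the `Fix cyclic command` entry has no reference at all. The correction of `pwntols` to `pwntools` in the `[fecf9f]` link and the added `[1436]`/`[1454]` definitions look right.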
Expand All @@ -72,15 +84,19 @@ To be released on May 30, 2020.
- [#1241][1241] Launch QEMU with sysroot if specified
- [#1218][1218] Support for FileStructure exploitation

[1241]: https://github.com/Gallopsled/pwntools/pulls/1218
[1218]: https://github.com/Gallopsled/pwntools/pulls/1218
[1316]: https://github.com/Gallopsled/pwntools/pull/1316
[1323]: https://github.com/Gallopsled/pwntools/pull/1323
[1001]: https://github.com/Gallopsled/pwntools/pull/1001
[1389]: https://github.com/Gallopsled/pwntools/pull/1389
[1241]: https://github.com/Gallopsled/pwntools/pull/1241
[1218]: https://github.com/Gallopsled/pwntools/pull/1218

## 4.0.1

- [#1412][1412] `recvline_pred()` and similar do not reorder data
- Bypass unicorn-engine/unicorn#1100 and unicorn-engine/unicorn#1170 requiring unstable package

[1412]: https://github.com/Gallopsled/pwntools/pulls/1412
[1412]: https://github.com/Gallopsled/pwntools/pull/1412

## 4.0.0

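Review bot: the `pulls/` to `pull/` fix and the corrected `[1241]` target (it previously pointed at PR 1218) are good; the added `[1001]` and `[1389]` definitions have their bullets outside this hunk, so confirm those bullets exist and that no other entry in the 4.1.0 list is still missing a definition, since markdown renders an undefined reference as literal brackets without any error.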
Expand All @@ -94,12 +110,13 @@ To be released on May 30, 2020.
- [#1202][1202] Docker: Kill 14 layers in pwntools base images
- [#1182][1182] shellcraft.dupio() for mips

[1391]: https://github.com/Gallopsled/pwntools/pulls/1391
[1317]: https://github.com/Gallopsled/pwntools/pulls/1317
[1285]: https://github.com/Gallopsled/pwntools/pulls/1285
[1216]: https://github.com/Gallopsled/pwntools/pulls/1216
[1202]: https://github.com/Gallopsled/pwntools/pulls/1202
[1182]: https://github.com/Gallopsled/pwntools/pulls/1182
[1402]: https://github.com/Gallopsled/pwntools/pull/1402
[1391]: https://github.com/Gallopsled/pwntools/pull/1391
[1317]: https://github.com/Gallopsled/pwntools/pull/1317
[1285]: https://github.com/Gallopsled/pwntools/pull/1285
[1216]: https://github.com/Gallopsled/pwntools/pull/1216
[1202]: https://github.com/Gallopsled/pwntools/pull/1202
[1182]: https://github.com/Gallopsled/pwntools/pull/1182
[76413f]: https://github.com/Gallopsled/pwntools/commit/76413f

## 3.13.0
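Review bot: the `[1402]` definition is added but its `[#1402][1402]` bullet is not in the hunk; confirm it is present in the 4.0.0 list above, otherwise this is an orphan definition.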
Expand All @@ -110,32 +127,16 @@ To be released on May 30, 2020.
- [#1277][1277] Fix timeout parameter passing in sendlineafter and other similar functions
- [#1292][1292] Provide correct arch name to gdb for sparc64

[1175]: https://github.com/Gallopsled/pwntools/pulls/1175
[1204]: https://github.com/Gallopsled/pwntools/pulls/1355
[1277]: https://github.com/Gallopsled/pwntools/pulls/1277
[1292]: https://github.com/Gallopsled/pwntools/pulls/1292
[1355]: https://github.com/Gallopsled/pwntools/pulls/1355

## 3.12.1

- [#1104][1104] Add `DynELF.dump()` for dumping remote ELF files
- [#1101][1101] Set `context.os` via `context.binary`, useful for Android exploitation
- [5fdc08][5fdc08] Work around broken `pidof` on Android
- [63dfed][63dfed] Print warning when Corefile deletion fails instead of throwing an exception
- [#1094][1094] Make hexdump output alignment more consistent
- [#1096][1096] `flat()` and `fit()` are now the same function

[1104]: https://github.com/Gallopsled/pwntools/pull/1104
[1101]: https://github.com/Gallopsled/pwntools/pull/1101
[1094]: https://github.com/Gallopsled/pwntools/pull/1094
[1096]: https://github.com/Gallopsled/pwntools/pull/1096
[5fdc08]: https://github.com/Gallopsled/pwntools/commit/5fdc08
[63dfed]: https://github.com/Gallopsled/pwntools/commit/63dfed
[1175]: https://github.com/Gallopsled/pwntools/pull/1175
[1204]: https://github.com/Gallopsled/pwntools/pull/1204
[1277]: https://github.com/Gallopsled/pwntools/pull/1277
[1292]: https://github.com/Gallopsled/pwntools/pull/1292
[1355]: https://github.com/Gallopsled/pwntools/pull/1355

## 3.12.2

- [1242][1242] Use IntervalTree 2.xx, disallow use of 3.xx
- [1243][1243] Fix a typo that caused an exception when executing a binary with `process()` which returns `-ENOEXEC` and the system does not have `qemu-user` binaries installed.
- [#1242][1242] Use IntervalTree 2.xx, disallow use of 3.xx
- [#1243][1243] Fix a typo that caused an exception when executing a binary with `process()` which returns `-ENOEXEC` and the system does not have `qemu-user` binaries installed.

[1242]: https://github.com/Gallopsled/pwntools/pull/1242
[1243]: https://github.com/Gallopsled/pwntools/pull/1243
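Review bot: `[1204]` previously pointed at PR 1355 and now points at PR 1204, which is the substantive fix here. The `## 3.12.1` block removed from between 3.13.0 and 3.12.2 (six entries: #1104, #1101, 5fdc08, 63dfed, #1094, #1096) must reappear verbatim under the real 3.12.1 section later in the file; check the move entry by entry so nothing is dropped. The `[#1242][1242]` / `[#1243][1243]` change just restores the `#` prefix the other sections use.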
Expand All @@ -153,7 +154,15 @@ To be released on May 30, 2020.
- [#1131][1131] Add "libc-" to libc prefixes in `process` tubes
- [#1125][1125] Fix a typo
- [#1121][1121] Fix tests which were broken by an upstream Sphinx change
- [#1104][1104] Add `DynELF.dump()` for dumping remote ELF files
- [#1101][1101] Set `context.os` via `context.binary`, useful for Android exploitation
- [5fdc08][5fdc08] Work around broken `pidof` on Android
- [63dfed][63dfed] Print warning when Corefile deletion fails instead of throwing an exception
- [#1094][1094] Make hexdump output alignment more consistent
- [#1096][1096] `flat()` and `fit()` are now the same function

[1198]: https://github.com/Gallopsled/pwntools/pull/1198
[1191]: https://github.com/Gallopsled/pwntools/pull/1191
[1159]: https://github.com/Gallopsled/pwntools/pull/1159
[1162]: https://github.com/Gallopsled/pwntools/pull/1162
[1150]: https://github.com/Gallopsled/pwntools/pull/1150
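Review bot: the six moved entries are appended after `[#1121]`, but the section header they now belong to is above the hunk; verify it is `## 3.12.1` and not `## 3.12.0`. The surrounding list is in descending PR order (1131, 1125, 1121), while the appended `[#1094]` comes before `[#1096]`; swap them if the ordering convention matters.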
Expand All @@ -163,6 +172,12 @@ To be released on May 30, 2020.
[1131]: https://github.com/Gallopsled/pwntools/pull/1131
[1125]: https://github.com/Gallopsled/pwntools/pull/1125
[1121]: https://github.com/Gallopsled/pwntools/pull/1121
[1104]: https://github.com/Gallopsled/pwntools/pull/1104
[1101]: https://github.com/Gallopsled/pwntools/pull/1101
[1094]: https://github.com/Gallopsled/pwntools/pull/1094
[1096]: https://github.com/Gallopsled/pwntools/pull/1096
[5fdc08]: https://github.com/Gallopsled/pwntools/commit/5fdc08
[63dfed]: https://github.com/Gallopsled/pwntools/commit/63dfed

## 3.12.0

2 changes: 1 addition & 1 deletion docs/source/about.rst
Expand Up @@ -47,7 +47,7 @@ This module is our "clean" python-code. As a rule, we do not think that
importing :mod:`pwnlib` or any of the submodules should have any significant
side-effects (besides e.g. caching).

For the most part, you will also only get the bits you import. You for instance
For the most part, you will also only get the bits you import. You for instance would
not get access to :mod:`pwnlib.util.packing` simply by doing ``import
pwnlib.util``.

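Review bot: "You for instance would not get access" is still awkward after the change; "For instance, you would not get access to ..." reads more naturally and keeps the meaning.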
6 changes: 3 additions & 3 deletions docs/source/install.rst
Expand Up @@ -25,9 +25,9 @@ pwntools is available as a ``pip`` package.
.. code-block:: bash
$ apt-get update
$ apt-get install python2.7 python-pip python-dev git libssl-dev libffi-dev build-essential
$ pip install --upgrade pip
$ pip install --upgrade pwntools
$ apt-get install python3 python3-pip python3-dev git libssl-dev libffi-dev build-essential
$ python3 -m pip install --upgrade pip
$ python3 -m pip install --upgrade pwntools
Development
--------------
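Review bot: the `apt-get install` line now drops `python2.7`/`python-pip` entirely; if the 4.x series still supports Python 2 (the 4.1.1 changelog entries in this same commit mention py2-py3 fixes), either keep a Python 2 variant of the commands or state the supported Python versions next to this block so the omission is clearly intentional. Using `python3 -m pip` rather than a bare `pip` is the right call, since it pins the interpreter the package lands in.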
6 changes: 4 additions & 2 deletions pwnlib/commandline/cyclic.py
Expand Up @@ -3,6 +3,7 @@
from __future__ import division

import argparse
import six
import string
import sys

Expand All @@ -21,7 +22,7 @@
'-a', '--alphabet',
metavar = 'alphabet',
default = string.ascii_lowercase.encode(),
type = bytes,
type = six.ensure_binary,
help = 'The alphabet to use in the cyclic pattern (defaults to all lower case letters)',
)

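Review bot: `type = six.ensure_binary` fixes the Python 3 failure of `type = bytes` (argparse passes a `str`, and `bytes('abc')` raises), but `ensure_binary` UTF-8-encodes a non-ASCII alphabet into multi-byte sequences, so `len(alphabet)` no longer equals the number of symbols and the cyclic pattern would be built from partial characters; either reject non-ASCII input with a clear error or document that the alphabet is bytes. The default `string.ascii_lowercase.encode()` is already bytes and passes through unchanged.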
Expand Down Expand Up @@ -65,9 +66,10 @@ def main(args):
pat = args.lookup

try:
pat = packing.pack(int(pat, 0), subsize*8)
pat = int(pat, 0)
except ValueError:
pass
pat = flat(pat)

if len(pat) != subsize:
log.critical('Subpattern must be %d bytes' % subsize)
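Review bot: replacing `packing.pack(int(pat, 0), subsize*8)` with `pat = int(pat, 0)` followed by `pat = flat(pat)` changes behaviour: `flat()` packs an integer at `context.bits`, not at `subsize*8`, so a numeric lookup with a `-n`/subsize that differs from the context word size now packs to the wrong length and trips the `len(pat) != subsize` check below. Pass the size explicitly, e.g. `pat = flat(pat, word_size=subsize*8)`. Also confirm `flat` is imported in this module, since the import is not part of the hunk.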
20 changes: 8 additions & 12 deletions pwnlib/elf/corefile.py
Expand Up @@ -945,16 +945,11 @@ def _parse_stack(self):

# Sanity check!
try:
assert stack[address] == b'\x00'
except AssertionError:
# Something weird is happening. Just don't touch it.
log.debug("Something is weird")
return
if stack[address] != b'\x00':
log.warning("Error parsing corefile stack: Could not find end of environment")
return
except ValueError:
# If the stack is not actually present in the coredump, we can't
# read from the stack. This will fail as:
# ValueError: 'seek out of range'
log.debug("ValueError")
log.warning("Error parsing corefile stack: Address out of bounds")
return

# address is currently set to the NULL terminator of the last
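Review bot: turning the `assert` into an explicit check plus `return` is the right direction, since assertions are stripped under `python -O` and a malformed core file should degrade to "no environment parsed" rather than raise. Two consistency points: this hunk uses `log.warning` while the later bad-environment branch in the same function uses `log.warn_once`, so repeated corefile loads will log differently for equivalent problems; and the `ValueError` branch now warns without saying that the stack region is absent from the dump, which the old comment explained and which is the actionable detail for the user.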
Expand All @@ -968,12 +963,14 @@ def _parse_stack(self):
p_last_env_addr = stack.find(pack(last_env_addr), None, last_env_addr)
if p_last_env_addr < 0:
# Something weird is happening. Just don't touch it.
log.warn_once("Found bad environment at %#x", last_env_addr)
log.warn_once("Error parsing corefile stack: Found bad environment at %#x", last_env_addr)
return

# Sanity check that we did correctly find the envp NULL terminator.
envp_nullterm = p_last_env_addr+context.bytes
assert self.unpack(envp_nullterm) == 0
if self.unpack(envp_nullterm) != 0:
log.warning("Error parsing corefile stack: Could not find end of environment variables")
return

# We've successfully located the end of the envp[] array.
#
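Review bot: the message "Could not find end of environment variables" is nearly identical to "Could not find end of environment" from the first check in this function, but they fire at different parsing stages (string area terminator vs envp[] NULL terminator); include which one failed and the address checked (`%#x` with `envp_nullterm`) so a user reporting a broken core file can be told apart. Replacing the `assert` with a check-and-return is correct for the same `python -O` reason as above.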
Expand Down Expand Up @@ -1535,4 +1532,3 @@ def binfmt_lookup(self):
return keys['interpreter']

return ''

4 changes: 3 additions & 1 deletion pwnlib/elf/elf.py
Expand Up @@ -592,6 +592,8 @@ def address(self, new):
self.symbols = dotdict({k:update(v) for k,v in self.symbols.items()})
self.plt = dotdict({k:update(v) for k,v in self.plt.items()})
self.got = dotdict({k:update(v) for k,v in self.got.items()})
for f in self.functions.values():
f.address += delta

# Update our view of memory
memory = intervaltree.IntervalTree()
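Review bot: `f.address += delta` mutates the existing `Function` objects in place, whereas `symbols`, `plt` and `got` are rebuilt as fresh dicts via `update(v)`; that is fine only if `Function` is a mutable class and no caller holds an immutable copy, so add a test that sets `elf.address` twice and checks `elf.functions[name].address` follows both times. Also confirm `delta` is computed before this loop from the old and new base address, as it is not visible in the hunk.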
Expand Down Expand Up @@ -1927,7 +1929,7 @@ def u8(self, address, *a, **kw):
def unpack(self, address, *a, **kw):
"""Unpacks an integer from the specified ``address``."""
self._update_args(kw)
return packing.unpack(self.read(address, context.bytes), *a, **kw)
return packing.unpack(self.read(address, self.bytes), *a, **kw)

def string(self, address):
"""string(address) -> str
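Review bot: reading `self.bytes` instead of `context.bytes` is the correct fix, since an ELF's word size should not depend on the global context at call time; audit the sibling helpers in this class (the `pack`/write counterparts and any other `context.bytes` use in read paths) for the same bug so the fix is not partial.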